一种面向审查的过程内数据流异常自动检测方法

南京大学学报(自然科学版) ›› 2010, Vol. 46 ›› Issue (1): 71–76.

一种面向审查的过程内数据流异常自动检测方法

卞磊 * , 刘超, 金茂忠

出版日期:2015-03-27 发布日期:2015-03-27
作者简介: ( 北京航空航天大学软件工程研究所, 北京, 100083)
基金资助:

A method for intra?procedural data flow anomaly autodetection facing to inspection

Bian Software Engineering Institute, Beihang University, Beijing, 100083, China)Lei, Liu Chao, Jin MaoZhong

Online:2015-03-27 Published:2015-03-27
About author: (Software Engineering Institute, Beihang University, Beijing, 100083, China)

摘要/Abstract

摘要： 审查是预防代码缺陷的重要手段, 但审查耗时, 浪费人力, 需要自动化工具对其进行辅助. 数据流异常是审查中着重检查的缺陷之一, 本文提出了一种基于有穷自动机的过程内数据流异常的检测
方法. 此方法首先对被测过程进行静态分析, 得到被测过程的逻辑路径; 而后基于有穷自动机和已获得的逻辑路径, 通过每个数据项的状态迁移来判断数据流是否存在异常. 本文介绍的方法面向审查, 并不
局限于某种特定的语言, 并且一定程度上提高了数据流异常检测和审查的效率.

Abstract: Code inspection plays an important role in constructing the quality of software product, but inspection wastes time and human resource, and needs assistant with some automated tools. Data flow anomalies is that the
variable is used incorrectly in the code, and it means that there are potential errors in the code. Data flow anomalies is an important type of defects in the check list which is used during inspection, and it is also mainly focus on during
inspection. Based on a review of data flow anomalies, the defects that relates with data flow anomalies can be found before running the program, and effectively improve software quality and reduce the cost of solving the software
problems. Data flow anomaly should be inspected carefully during inspection, this paper issues a method for intra procedural data flow anomaly auto?detection basing on finite automaton.
First, data flow and variables in a program are closely related, there are three different kinds of method to use a variable: define, refer and kill. When the variables are used incorrectly, there are six types of data flow anomaly.
Second, when the data flow anomalies in a code fragment are auto ?reviewed, the code is analyzed statically and the abstract syntax tree of the code can be got. After that, from the syntax tree, there are some different logical
paths that are made up of the statements in the code fragment, some of which are using variable. Finally, a finite automaton (M ealy) with four different states that is used to represent how a variable on the
logical path is used is build. The automaton? s input is the method with that the statement uses variable on the logical path and its output is whether the data flow anomaly exists. The state of the automaton will transfer if there
are some inputs, and by the transition of the states, intra procedural data flow anomaly should be found.The method introduced in the paper is language independent, faces to inspection, and improves the efficiency of
Data flow anomaly detection and code inspection.

卞磊 * , 刘超, 金茂忠 . 一种面向审查的过程内数据流异常自动检测方法

[J]. 南京大学学报(自然科学版), 2010, 46(1): 71–76.

Bian Software Engineering Institute, Beihang University, Beijing, 100083, China)Lei, Liu Chao, Jin MaoZhong . A method for intra?procedural data flow anomaly autodetection facing to inspection

[J]. Journal of Nanjing University(Natural Sciences), 2010, 46(1): 71–76.

参考文献

[ 1 ] Fagan M. Design and code inspections to reduce errors in program development. IBM Systems Journal, 1976, 15(3): 182~ 211.
[ 2 ] Beizer B. Software testing techniques. 2 nd edition. New York: International T homson Computer Press, 1990.
[ 3 ] Dunsmore A, Roper M, Wood M. Practical code inspection techniques for object?oriented systems: An experimental comparison. Software IEEE, 2003, 20( 4) : 21~ 29.
[ 4 ] ONeill D. Issues in software inspection. Software IEEE, 1997, 14( 1) : 18~ 19.
[ 5 ] Gerard O? Regan. A practical approach to software quality. Chen Y, Shan S Q. Beijing: Tsinghua Publishing, 2004. (Gerard O? Regan. 软件质量实用方法论. 陈?茵, 闪四清. 北京: 清华大学出版社, 2004) .
[ 6 ] Fosdick L D, Osterweil L J. Data flow analysis in software reliability. ACM Computing Surveys, 1976, 8(4): 41~ 56.
[ 7 ] Huang J C. Detection of dataflow anomaly through program instrumentation. IEEE T ransactions on Software Engineering, 1979, SE- 5(2) , 226~ 236.
[ 8 ] Louridas P. Static code analysis. Software IEEE, 2006, 23(4): 58~ 61.
[ 9 ] Tang F G, Qian H B. Method and implementation of data flow analysis for Ada software. Journal of Beijing University of Aeronautics and Astronautics, 1997, 23(1): 25~ 29. (唐发根, 钱红兵.
Ada 软件数据流分析方法及其实现. 北京航空航天大学学报, 1997, 23(1) : 25~ 29).
[10] Jiang Z L, Jiang S X, Formal Languages and Automaton Theory. Beijing: Tsinghua Publishing, 2003, 123~ 124. ( 蒋宗礼, 姜守旭. 形式语言与自动机理论. 北京: 清华大学出版社, 2003, 123~ 124) .
[11] John E H, Rajeev M, Jeffrey D U. Introduction to Automata Theory, Languages, and Computation. Beijing: China Machine Press, 2004, 80~ 81. (John E H, Rajeev M, Jeffrey D U 著. 自动机理论、语言和计算导论. 刘?田, 姜?晖, 王捍贫.
北京: 机械工业出版社, 2004, 80~ 81) .

Metrics

Viewed

Full text

Abstract

Cited

Shared

Discussed